Static code analyzers

Tools

angr (binary analysis framework)

Angr is a security tool written in Python for analyzing binaries. It combines static and dynamic analysis.


Bandit (Python static code analyzer)

Bandit is an AST-based static analyzer for Python code. It helps find code flaws that could lead to security vulnerabilities.


graudit (static code analysis tool)

Graudit is a security tool that performs static code analysis using the grep tool. It is a lightweight solution for finding common issues in code.


yasca (source code analysis)

Yasca is a tool for code analysis and linting. Developers and security professionals can use it to evaluate code quality.
